Need for IT Revolution in Health Care is Clear

Roll Call
3/13/2006
By Congressman Patrick J. Kennedy

It’s an election year, and that means we’ll be spending a lot of time talking about the need to bring down health care costs for businesses and families. We’ll probably dust off our pet proposals that are too controversial and divisive to actually become law, particularly this year.

Rather than repeating this tired pattern, though, we have a real opportunity to reduce the relentless march of health care costs while also getting dramatically better outcomes. The key is bringing health care into the information age. There is bipartisan agreement that health information technology needs to be a priority, but to realize its potential, we also must ensure that health care privacy is rock-solid.

The need for an IT revolution in health care is clear. The health care system failures are evident in the 98,000 annual deaths from preventable errors; the hundreds of thousands of preventable hospital-acquired infections; the fact that 45 percent of the time, patients do not receive recommended care; a child mortality rate worse than Cuba’s and, for African-American babies, worse than Sri Lanka’s and 86 other countries’; and, of course, the fact that for these outcomes we pay nearly double the average for industrialized nations.

Underlying these dismal statistics is an inability to effectively process the massive quantities of information that drive health care. With 27,000 new peer-reviewed

articles published each week, no provider can keep up with the exploding body of medical knowledge. More people with multiple chronic diseases means more providers

involved in any given case (Medicare patients with five or more chronic diseases average 13 different doctors), increasing the number of opportunities for communication failures and fragmenting knowledge about the patient. Systematic quality and safety improvement efforts are difficult, if not impossible, because most relevant data that should be analyzed is trapped in paper records in thousands of different providers’ record rooms.

Electronic medical records and health information networks that allow authorized providers and patients to easily access a person’s complete record can revolutionize health care by organizing the information. Technology can incorporate clinical decision support to help practitioners and patients make sure they are getting recommended care. It can eliminate the need for duplicative tests that drive up costs. It can create a powerful new research capacity so we can catch the next Vioxx early or detect biological outbreaks sooner. Digitizing patient charts can enable physicians to actively manage their patients rather than simply waiting for the next office visit. And making clinical information digital is a key to reforming our reimbursement practices so that we can ultimately pay for what matters - better health, not more care.

But simplifying access to information is a double-edged sword. We have seen from numerous data security breaches in a variety of fields that large quantities of individually identifiable information pose a tempting target. As we speed the transition to digital health care, we simultaneously need to ensure that privacy protections in this new environment are iron-clad.

The good news is that a digital health care system can enhance patient privacy while allowing us to dramatically improve care.

Today it is nearly impossible to restrict access to patient charts and they can be perused or even photocopied without anybody knowing. But electronic medical records can build in audit trails, so that every access to a chart is recorded. Electronic records can limit a user’s access to only the information within the record that is pertinent to the user. The creation of personal health records gives patients a way to control dissemination of their information, and IT reduces the number of individuals who need to handle sensitive demographic and clinical information.

To ensure that IT enhances, rather than detracts, from patient privacy, however, we must modernize the Health Insurance and Portability and Accountability Act of 1996 for this new era. While nobody relishes re-opening the HIPAA debates about privacy, it is clear that our privacy law at least must be updated to meet the new realities of online, digital clinical health information.

For example, today a hacker who breaks into a clinical database has not violated HIPAA. A hospital employee who sells the health record of a famous celebrity - or a Member of Congress - to a tabloid is not subject to criminal sanctions. Operators of health information networks and personal health record vendors are not subject to enforcement under HIPAA.

If a concept of health care privacy means anything, it is that individuals should be in control of their own health information. I should be able to decide who sees my personal health information - which might include the most sensitive things like genetic test results or diagnoses of mental illness, substance abuse or sexually transmitted diseases - and for what purposes.

If privacy is about control, we should make sure that our laws give individuals the ability to opt out of including their information in the emerging health information networks. We should require that access to a person’s comprehensive, identifiable information via a health information network take place only when that person has authorized it, expressly or by actions such as submitting a health insurance card or accepting a prescription or referral. And of course, we must ensure that HIPAA has adequate reach to bring criminal sanctions when an individual’s right to health care privacy is breached.

If we are to transform health care with IT - as I believe we must - it is imperative that we address these privacy concerns. Information technology is not at odds with privacy concerns. Quite the contrary, digitizing health care can improve both the quality and value of the care we receive and our control over our most sensitive personal information.

The great potential of bringing IT to health care lies in organizing and enhancing the flow of information. But better access to information requires better control of that access. By promoting the move to networked electronic medical records together with updated privacy laws, this year we can go to the hustings with some real progress in addressing our constituents’ health care problems.

Rep. Patrick Kennedy (D-R.I.) is a member of the House Appropriations subcommittee on Labor, Health and Human Services and Education.